So at work we have to use a bastion host for all our connections to servers to be able to get called PCI compliant. This kind of stuff could be a pain to use when you have to use another host to do RSYNC/SCP or other stuff that need direct transfer to workstation. Thankfully OpenSSH is very flexible and have multiple options to easy the pain. If you add this to your ~/.ssh/config : ...

If you want to bookmark a quick mozilla search from your house to another postcode you can use this URI : http://journeyplanner.tfl.gov.uk/user/XSLT_TRIP_REQUEST2?language=en&sessionID=0&type_destination=locator&name_destination=DESTINATION_POSTCODE&type_origin=locator&name_origin=ORIGIN_POSTCODE&place_origin=London&place_destination=London just change the DESTINATION and ORIGIN_POSTCODE to %s if you like or make it as static bookmark.

If you want to use FFAP (find-file-at-point) in ruby-mode you can add this to your .emacs (defvar ruby-program-name "ruby") (defun ruby-module-path(module) (shell-command-to-string (concat ruby-program-name " -e " "\"ret='()';$LOAD_PATH.each{|p| " "x=p+'/'+ARGV[0].gsub('.rb', '')+'.rb';" "ret=File.expand_path(x)" "if(File.exist?(x))};printf ret\" " module))) (eval-after-load "ffap" '(push '(ruby-mode . ruby-module-path) ffap-alist)) When you do ffap (i bind it to C-x f) near a require ‘PP’ for example it will find it in your ruby path.

If you use the XMLRPC client in ruby over a self certified SSL you have this warning : warning: peer certificate won’t be verified in this SSL session You can get override that warning cleanly (i have seen some people who just comment the message in the standard library) like that : require 'xmlrpc/client' require 'net/https' require 'openssl' require 'pp' module SELF_SSL class Net_HTTP < Net::HTTP def initialize(*args) super @ssl_context = OpenSSL::SSL::SSLContext.new @ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE end end class XMLRPC_Client < XMLRPC::Client def initialize(*args) super @http = SELF_SSL::Net_HTTP.new( @host, @port, @proxy_host,@proxy_port ) @http.use_ssl = @use_ssl if @use_ssl @http.read_timeout = @timeout @http.open_timeout = @timeout end end end if __FILE__ == $0 f = SELF_SSL::XMLRPC_Client.new2("https://url") puts f.call("method", 'arg') end

While talking with my fellow colleague Darren Birkett about what seems a design limitation of yum to not be able to force listing the excludes from yum. I had a shoot to make a yum plugin to force listing the excludes. Here is how it works : root@centos5:> grep exclude /etc/yum.conf exclude=rpm* root@centos5:> yum install rpm-devel Loading “installonlyn” plugin Loading “changelog” plugin Loading “chmouel” plugin Loading “priorities” plugin Setting up Install Process Setting up repositories Reading repository metadata in from local files Excluding Packages in global exclude list Finished 0 packages excluded due to repository priority protections Parsing package install arguments Nothing to do ...

To anyone interested my extensive Emacs configuration is available here : http://code.google.com/p/chmouel/source And here is the usual screen shot :

This is fun, theses two CEO of theses big companies are dog fighting each others : Dave post: http://blogs.netapp.com/dave/2007/09/netapp-sues-sun.html Johanthan answer: http://blogs.sun.com/jonathan/entry/on_patent_trolling but the real (fake) truth about that post is here : http://fakeschwartz.blogspot.com/2007/09/bring-it-cowboy.html I tend to believe more NetAPP in this case, just because i don’t know how many time i have sweared on that bloody ps -aux that does not work on solaris. ...

If you want to generate properly encrypted password to feed to chpasswd, the most easier and proper way is to do that from command line : [code lang=“bash”] echo “encryptedpassword”|openssl passwd -1 -stdin [/code] If you want to generate in pure python you can do it like that : [code lang=“python”] def md5crypt(password, salt, magic=’$1$’): import md5 m = md5.new() m.update(password + magic + salt) # /* Then just as many characters of the MD5(pw,salt,pw) */ mixin = md5.md5(password + salt + password).digest() for i in range(0, len(password)): m.update(mixin[i % 16]) ...

If you like me you have a big screen with your laptop and wants to automate when your X session start to get the best resolution, you can use that script : [code lang=“bash”] #!/bin/bash function get_resolutions() { xrandr|while read -a line;do RES="${line[1]}x${line[3]} " [[ ${RES} != [0-9]* ]] && continue echo ${RES} done } _BEST_RES=0 BEST_RES= for res in $(get_resolutions);do _res=${res/x/} [[ $_res -ge ${_BEST_RES} ]] && { BEST_RES=${res} _BEST_RES=${_res} } done xrandr -s ${BEST_RES} [/code] ...

If you like me, you have to do a lot of installs1 of the same test machine with the same IP and have to ssh it you will notice this annoying message : IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 54:9d:c0:37:3a:80:48:6c:82:ec:d1:84:93:61:24. Please contact your system administrator. Add correct host key in /home/cboudjnah/.ssh/known_hosts to get rid of this message. Offending key in /home/cboudjnah/.ssh/known_hosts:595 Password authentication is disabled to avoid man-in-the-middle attacks. Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks. Agent forwarding is disabled to avoid man-in-the-middle attacks. I have automated the cleanup by a script : [code lang=“bash”] #!/bin/bash H=$1 ...